Mozilla Vulnerabilities
Comprehensive security vulnerability database for Mozilla products
3
28
32
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-2783 | 7.5 | This vulnerability allows an attacker to access sensitive information from a user's system through a flaw in Firefox's JavaScript engine. It affects versions of Firefox and Thunderbird before 148 and 140.8, meaning users need to update their software to protect against potential data leaks. | mozillafirefox | Exploit Available | about 1 month agoFeb 24, 2026 |
| CVE-2026-2769 | 8.8 | This vulnerability allows an attacker to execute malicious code on a user's system by exploiting a flaw in how Firefox and Thunderbird manage data storage. It affects versions prior to 148 for Firefox and 148 for Thunderbird, meaning users with outdated software are at risk if they visit a compromised website or open a malicious email. | mozillafirefox | Exploit Available | about 1 month agoFeb 24, 2026 |
| CVE-2026-2447 | 8.8 | This vulnerability allows an attacker to potentially execute malicious code on a user's system by exploiting a flaw in how Firefox and Thunderbird handle video data. It affects specific versions of these applications, so users need to ensure they are running the latest updates to stay protected. | mozillafirefox | Exploit Available | about 2 months agoFeb 16, 2026 |
About Mozilla Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Mozilla products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.